Description

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference.

Remediation

References

CVE-2010-4697

Related Vulnerabilities

Oracle Database Server Credentials Management Errors Vulnerability (CVE-2007-6260)

MediaWiki Missing Authentication for Critical Function Vulnerability (CVE-2019-12468)

WordPress Plugin Js-appointment 'searchdata.php' SQL Injection (1.5)

Oracle Application Server CVE-2009-3412 Vulnerability (CVE-2009-3412)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43558)

Severity

Medium

Classification

CVE-2010-4697

Tags

Missing Update Known Vulnerabilities